Though more Canadian companies have cybersecurity insurance than global firms, 36% still hold no coverage to protect themselves against cyber risk, says a new survey by Ovum and FICO.

Comparatively, 50% of U.S.-based firms have no cybersecurity insurance, while that figure is 40% at the global level. As well, only 18% of Canadian executives say they don’t plan on purchasing cybersecurity insurance, while that figure sits at 27% in the U.S. Responses were collected by 350 executives from several counties.

“Without cyber-risk insurance, organizations are leaving themselves in a vulnerable position,” says Kevin Deveau, the vice president and managing director of FICO Canada, in a statement. “It’s important for businesses to assess the strength of their cybersecurity defences and to make sure they are covered if they are faced with a data breach. The ripple effect of a breach can be felt throughout the organization for a very long time, especially now that Canada’s Digital Privacy Act will require organizations to report any breaches to regulators and customers.”

Though Canada leads the globe in adopting cybersecurity coverage, many executives aren’t clear about what the policies protect them from. Only 18% of Canadian respondents say they have cybersecurity insurance that covers all likely risks, and 80% feel that insurers should do more to help organizational decision makers understand how risk pricing is calculated.

A further 20% feel that the premiums calculated based on their business do not accurately reflect their risk profile. To help firms better understand cyber security insurance, 26% of those surveyed said an established industry standard to benchmark cybersecurity risk would be beneficial.